/* PKCS#8 DH is defined in PKCS#11 of all places. It is similar to DH in
- * that the AlgorithmIdentifier contains the paramaters, the private key
+ * that the AlgorithmIdentifier contains the parameters, the private key
* is explcitly included and the pubkey must be recalculated.
*/
return BN_num_bits(pkey->pkey.dh->p);
}
+static int dh_security_bits(const EVP_PKEY *pkey)
+ {
+ return DH_security_bits(pkey->pkey.dh);
+ }
+
static int dh_cmp_parameters(const EVP_PKEY *a, const EVP_PKEY *b)
{
if ( BN_cmp(a->pkey.dh->p,b->pkey.dh->p) ||
int_dh_size,
dh_bits,
+ dh_security_bits,
dh_param_decode,
dh_param_encode,
int_dh_size,
dh_bits,
+ dh_security_bits,
dh_param_decode,
dh_param_encode,
ASN1_OBJECT *aoid;
int atype;
void *aval;
- ASN1_INTEGER *public_key;
+ ASN1_INTEGER *public_key = NULL;
int rv = 0;
EVP_PKEY *pkpeer = NULL, *pk = NULL;
DH *dhpeer = NULL;
const unsigned char *p;
int plen;
+
X509_ALGOR_get0(&aoid, &atype, &aval, alg);
if (OBJ_obj2nid(aoid) != NID_dhpublicnumber)
goto err;
ASN1_OCTET_STRING *ukm;
const unsigned char *p;
unsigned char *dukm = NULL;
- size_t dukmlen;
+ size_t dukmlen = 0;
int keylen, plen;
const EVP_CIPHER *kekcipher;
EVP_CIPHER_CTX *kekctx;
ASN1_OCTET_STRING *ukm;
unsigned char *penc = NULL, *dukm = NULL;
int penclen;
- size_t dukmlen;
+ size_t dukmlen = 0;
int rv = 0;
int kdf_type, wrap_nid;
const EVP_MD *kdf_md;